cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Remove output buffer limitation for PSA with GCM.

Browse Source 
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply
to the built-in implementation of the GCM.

Alternative implementations are expected to verify the
length of the provided output buffers and to return
the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the
buffer length is too small.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
This commit is contained in:
Mateusz Starzyk 2021-09-30 16:39:07 +02:00
parent cd51e76583
commit f28261fc14
5 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog.d/psa_gcm_buffer_limitation.txt Normal file
View File

@ -0,0 +1,11 @@
Bugfix
* Remove PSA'a AEAD finish/verify output buffer limitation for GCM.
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply to the built-in
implementation of GCM.
API changes
* New error code for GCM: MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL.
Alternative GCM implementations are expected to verify
the length of the provided output buffers and to return the
MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the buffer length is too small.

2
include/mbedtls/gcm.h
View File

@ -45,6 +45,8 @@
#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 #define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012
/** Bad input parameters to function. */ /** Bad input parameters to function. */
#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 #define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014
/** An output buffer is too small. */
#define MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL -0x0018
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {

2
library/psa_crypto.c
View File

@ -201,6 +201,8 @@ psa_status_t mbedtls_to_psa_error( int ret )
case MBEDTLS_ERR_GCM_AUTH_FAILED: case MBEDTLS_ERR_GCM_AUTH_FAILED:
return( PSA_ERROR_INVALID_SIGNATURE ); return( PSA_ERROR_INVALID_SIGNATURE );
case MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL:
return( PSA_ERROR_BUFFER_TOO_SMALL );
case MBEDTLS_ERR_GCM_BAD_INPUT: case MBEDTLS_ERR_GCM_BAD_INPUT:
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );

3
library/psa_crypto_aead.c
View File

@ -567,9 +567,6 @@ psa_status_t mbedtls_psa_aead_finish(
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
if( operation->alg == PSA_ALG_GCM ) if( operation->alg == PSA_ALG_GCM )
{ {
if( ciphertext_size < 15 )
return( PSA_ERROR_BUFFER_TOO_SMALL );
status = mbedtls_to_psa_error( status = mbedtls_to_psa_error(
mbedtls_gcm_finish( &operation->ctx.gcm, mbedtls_gcm_finish( &operation->ctx.gcm,
ciphertext, ciphertext_size, ciphertext_length, ciphertext, ciphertext_size, ciphertext_length,

2
tests/suites/test_suite_psa_crypto.data
View File

@ -3348,7 +3348,7 @@ aead_multipart_update_buffer_test:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8
PSA AEAD finish buffer test: AES - GCM, BUF = 8, TAG = 16 PSA AEAD finish buffer test: AES - GCM, BUF = 8, TAG = 16
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:8:16:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:8:16:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_SUCCESS
PSA AEAD finish buffer test: AES - GCM, BUF = 15, TAG = 20 PSA AEAD finish buffer test: AES - GCM, BUF = 15, TAG = 20
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES